0
This work addresses security vulnerabilities in widely used BLS signature implementations for blockchain systems like Ethereum, though it is incremental as it builds on known issues with zero in cryptography.
The paper identified cryptographic bugs in four BLS signature libraries related to the number 0, leading to vulnerabilities, and developed 'splitting zero' attacks exposing weaknesses in a standardized aggregate signature scheme, with bug bounties totaling $35,000 awarded.
What is the funniest number in cryptography? 0. The reason is that for all x, x*0 = 0, i.e., the equation is always satisfied no matter what x is. This article discusses crypto bugs in four BLS signatures' libraries (ethereum/py ecc, supranational/blst, herumi/bls, sigp/milagro bls) that revolve around 0. Furthermore, we develop "splitting zero" attacks to show a weakness in the proof-of-possession aggregate signature scheme standardized in BLS RFC draft v4. Eth2 bug bounties program generously awarded $35,000 in total for the reported bugs.